"Matthew S. Hallacy" wrote: >If you really want to secure your system: > >1) stop using passwords entirely (use RSA/DSA keys) >2) filter ssh access to only known hosts (where possible) >3) Disable protocol 1 backwards compatibility >4) Disable authentication methods that you do not use, kerberos, rhosts, etc. >5) keep your sshd up to date You forgot: 6) Disable remote root login. 7) Disable sudo. 8) There are more, but I've said enough already. :) Sincerely, Ken Fuchs <kfuchs at winternet.com> _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota Help beta test TCLUG's potential new home: http://plone.mn-linux.org Got pictures for TCLUG? Beta test http://plone.mn-linux.org/gallery tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list